Is your bitcoin wallet chained to outdated 2016 technology? Get ready, because there may be trouble lurking in the shadows, ready to pounce on the unsuspecting.
In the dizzying realm of cryptocurrencies, your wallet's digital strength may be nothing more than a relic of the past, leaving it vulnerable to the merciless winds of technological evolution.
Recently, cryptocurrency startup Unciphered revealed a potential security threat to bitcoin wallets created before 2016.
Known as “Randstorm,” this software flaw encompasses a combination of bugs, architectural choices, and API (Application Programming Interface) modifications that increase the vulnerability of bitcoin wallets created between 2011 and 2015.
The genesis of this issue dates back to last year, when Unciphered was helping a customer who found themselves without access to a bitcoin wallet originally created on what is now recognized as Blockchain.com.
During the investigation to recover the wallet, Unciphered stumbled upon a critical flaw in wallets generated by BitcoinJS between 2011 and 2015.
Unciphered, in its report on Tuesday, highlighted the importance of this flaw, suggesting that it may have affected approximately 1.4 million bitcoin.
This means that if 3 to 5 percent of these wallets were affected, the potential value of the coins at risk could be between $1.2 and $2.1 billion.
Eric Michaud, co-founder of Unciphered, stated that BitcoinJS was seriously flawed until March 2014, and anyone using it directly faces a significantly high risk of being attacked.
Unciphered has spent several months notifying a considerable number of people, more than one million, about the vulnerability of their wallets.
The dangers of having wallets on outdated crypto platforms
A significant number of people remain uninformed because they own wallets built on defunct digital currency platforms.
Unciphered clarified that finding vulnerabilities does not imply that bitcoin or technology, in general, are fundamentally flawed. Instead, it reveals a chain of programming errors that occurred in various technologies between 2011 and 2015.
Unciphered found serious problems with the code of many wallets, and the companies that employed that technology may disappear.
bitcoin slightly above the $36K level today. Chart: TradingView.com
Despite that, it serves as a stark reminder that open source projects with little or no oversight lie beneath software infrastructure of all kinds, even those specifically intended to raise capital.
Michaud stated that the imperfections within every man-made technology come from its creators.
“Every man-made technology contains flaws that originate with its creators,” he said.
Wallet software developer Stefan Thomas told the Washington Post that he created wallets as a hobby. He said that, without checking the validity of the program, he had stolen a significant portion of code from a page belonging to a Stanford University student.
“Instead, I was obsessed with making sure I didn’t make any mistakes in my own code (…) I’m sorry to everyone affected by this mistake,” he added.
Source: Unciphered
In simple terms, Unciphered called the vulnerability “Randstorm” because its source was wallet software that produced cryptographic keys that were not random enough.
The affected software produced keys with so little randomness that they were easier to hack, with odds of just one in a specific number of thousands, as opposed to keys that are incredibly unique and difficult for someone else to copy (like a one in a trillion chance).
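The effect described above, as an added example that is not code from Unciphered, BitcoinJS or any wallet: a simplified model in which a 256-bit key is fully determined by a seed with only 12 bits of entropy, compared with keys drawn from the operating system's CSPRNG. The function names, the mulberry32 stand-in generator and the 12-bit figure are assumptions chosen for illustration.

```javascript
// Added illustration: a simplified model, not BitcoinJS code.
const nodeCrypto = require("node:crypto");

// mulberry32: a small non-cryptographic PRNG used here as a stand-in (assumption).
function mulberry32(seed) {
  let a = seed >>> 0;
  return () => {
    a = (a + 0x6d2b79f5) | 0;
    let t = Math.imul(a ^ (a >>> 15), 1 | a);
    t = (t + Math.imul(t ^ (t >>> 7), 61 | t)) ^ t;
    return ((t ^ (t >>> 14)) >>> 0) / 4294967296;
  };
}

// Weak generator: the key is 256 bits long, but every byte is derived from
// a seed that can take only 2^seedBits values.
function weakKey(seedBits) {
  const seed = Math.floor(Math.random() * 2 ** seedBits);
  const next = mulberry32(seed);
  const key = Buffer.alloc(32);
  for (let i = 0; i < key.length; i++) key[i] = Math.floor(next() * 256);
  return key.toString("hex");
}

// Sound generator: all 32 bytes come from the operating system's CSPRNG.
function strongKey() {
  return nodeCrypto.randomBytes(32).toString("hex");
}

// Generate n keys and count how many different ones actually appear.
function distinctKeys(generate, n) {
  const seen = new Set();
  for (let i = 0; i < n; i++) seen.add(generate());
  return seen.size;
}

const WALLETS = 20000; // constructed sample size
const SEED_BITS = 12;  // constructed figure: only 4,096 possible seeds
const weakCount = distinctKeys(() => weakKey(SEED_BITS), WALLETS);
const strongCount = distinctKeys(strongKey, WALLETS);
console.log(`weak seed:  ${weakCount} distinct keys among ${WALLETS} wallets`);
console.log(`OS CSPRNG:  ${strongCount} distinct keys among ${WALLETS} wallets`);
```

The key length is the same in both cases; what differs is how many keys can ever occur, which is bounded by the entropy of the seed rather than by the size of the key.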
Navigating the hostile cryptocurrency landscape
Security expert Dan Guido said that the world of cryptocurrencies is quite hostile. It’s full of people trying to undermine what you’re building, whether through hacking attempts, regulatory challenges, or others interested in causing harm to bitcoin.
“To be honest, cryptocurrencies are a pretty hostile place, full of people attacking what you’re building,” he said.
As the curtain closes on the disturbing revelation of the “Randstorm” vulnerability, it is a stark wake-up call for those still tied to pre-2016 era bitcoin wallets.
The ominous specter of technological evolution looms large, and Unciphered’s recent exposé sheds light on the potential danger faced by those who are unaware of the vulnerabilities built into their outdated digital fortresses.